How a Turned-Off iPhone Can Still Track and Spy on You

When you turn off your iPhone, several of its wireless chips keep running. On recent iPhone models, Bluetooth, NFC and ultra-wideband (UWB) radios can all remain active after the phone is powered off. Those always-on radios serve the phone's owner, but they can also serve an attacker. How does this work? Let's break it down.

What Happens When an iPhone Is Off?

Researchers from the Secure Mobile Networking Lab (SEEMOO) at TU Darmstadt in Germany published a study with an alarming headline: iPhones can run malware that stays active after the device is powered off. Read the full paper, though, and it becomes clear that this is a proof of concept built in the lab, not malware found in the wild. What is real is that several chips in an iPhone keep working when the phone is off. You can still locate a powered-off iPhone through the Find My network, and when the battery runs out the iPhone shuts down into a low-power mode in which your Express cards and other Wallet items remain usable. These same features can turn a powered-off phone into a tracking device.

Low Power Mode (LPM) and Its Implications

The iPhone's wireless chips can operate in what is called Low Power Mode (LPM). Note that this LPM is not the battery-saving mode marked by the yellow battery icon. In LPM iOS is not running: the device does not boot when buttons are pressed or when it is moved. This mode is entered either when the user turns the phone off or when iOS shuts itself down because the battery is nearly empty. A short press of the power button in LPM only lights the screen for a few seconds, showing a low-battery warning and the list of LPM features that are still active.

Find My and Express Cards in Low Power Mode

The Find My network remains available after the device is turned off, so a lost iPhone with a dead battery can still be located; the network runs over Bluetooth. Express Mode covers selected transit cards, payment cards and digital keys in Wallet and lets you use them without additional authentication. When the phone shuts down because the battery is empty, these cards and keys stay usable for up to five hours. Originally only the NFC chip had to stay powered for this; the newer Digital Car Key 3.0 (DCK 3.0) protocol adds Bluetooth and UWB to Express Mode. It is used for digital car keys, so a dead phone does not lock you out of your car (or, with home keys, your apartment), and it keeps your cards available for payment as well.

How Does It Work?

LPM support is implemented at the hardware level. The Power Management Unit (PMU) can turn chips on individually. Bluetooth and UWB chips are tightly integrated with the Secure Element (SE) of the NFC chip and store secrets that must be accessible in LPM. Since LPM is hardware-based, you can’t disable it by changing software components. This means iPhone owners can’t be sure that wireless chips are truly off when the device is powered down.

LPM is far subtler than simply faking a shutdown by blanking the screen. The best-known example of that approach is the "Weeping Angel" implant from the Vault 7 leak, which left Samsung smart TVs in a fake-off state for surveillance. On an iPhone, a fake-off iOS would drain the battery quickly and be noticed. What Bluetooth and UWB can do in LPM is undocumented and had not been studied before; Apple's security documentation only describes the NFC LPM feature, Express Cards with power reserve, introduced with iOS 12. The SEEMOO researchers used their tools InternalBlue and Frankenstein to analyse and modify firmware on modern iPhones and found that iPhones are less secure in low-power mode than they appear.

Secure Payments and the Secure Element (SE)

iOS performs secure wireless payments on the NFC chip's Secure Element (SE), which runs the JavaCard platform. Applets such as Apple Pay and DCK are personalized during setup and isolated from each other in their own security domains. A payment applet, for example, stores no card data beyond a revocable identifier (the device account number) known to the payment network. Applets and their secrets live inside the SE and never leave it. During a payment or other wireless transaction the SE answers the reader directly, without the data passing through iOS. Even a compromised iOS or app therefore cannot extract cards or keys from the SE.

Express Cards and Find My

In the Wallet app you can configure NFC payment, loyalty and transit cards, as well as keys, for Express Mode. Express cards do not require authorization from the Secure Enclave Processor (SEP), which makes payment fast and convenient without unlocking the iPhone: in Express Mode, possession of the phone is the authorization. Once that authorization step is skipped, neither the SEP nor iOS is needed to complete the NFC transaction, and the exchange can run autonomously between the reader and the SE applets.

When the battery runs out and an Express card is configured, the iPhone shuts down but the NFC chip stays powered for up to five hours so Express cards keep working. If the device is switched off manually, NFC is switched off as well.

iOS 15 added two LPM features: Find My (Apple's Bluetooth-based offline network for locating lost devices) and support for Digital Car Key 3.0, which uses UWB for secure distance measurement. Both Bluetooth and UWB run autonomously while iOS is off, and neither feature's LPM behaviour was documented or studied before this work.

How Find My Works

Find My is an offline network for locating devices (iPhones, AirTags and other Apple devices) even when they have no internet connection. A lost device regularly sends BLE (Bluetooth Low Energy) advertisements. Nearby Apple devices that do have internet access pick them up and report the location back to the rightful owner. The protocol is end-to-end encrypted, anonymous and privacy-preserving. Its security rests on a device-specific "beacon" master key that is synchronized through the user's iCloud keychain, so access remains as long as the user can sign in to iCloud.

The keychain is also stored locally, and reading its secret requires the SEP. From the beacon master key the device derives a rolling sequence of public/private key pairs, each valid for one time window. The device advertises the current public key over BLE, and part of that key also determines the randomized Bluetooth address. Any internet-connected device that observes such an advertisement encrypts its own approximate location under that public key and uploads the report to Apple. Only the owner of the lost device, which itself is still offline, holds the matching private key to decrypt the report. On an iPhone the public key rotates every 15 minutes, which limits how long the phone can be tracked by its BLE advertisements. AirTags work in the same way.

Find My keeps working after the device is powered off, and the shutdown dialog says so. The user can opt out each time the device is turned off manually. If the battery is fully drained and the phone falls back to its reserve power, Find My is enabled automatically, just as Express cards are on the NFC chip. This requires Bluetooth firmware with LPM support so that BLE advertisements can be sent while iOS is off.

Digital Car Keys (DCK 3.0)

Alongside NFC cards, iOS supports digital car keys (DCK 3.0). Car-sharing services and manufacturer apps use them to control modern cars from the phone: starting the engine remotely, arming the alarm, unlocking doors and trunk, activating the immobilizer. DCK also allows speed limits for young drivers and sharing keys via iCloud.

Convenient as DCK is, it introduces new attack vectors, mostly on the car maker's side. A compromised DCK, or a flaw in its implementation, can be used to steal a car, not an iPhone; and unlike a digital payment, a car theft cannot be reversed. These risks are part of why automakers moved from NFC-based DCK 2.0 to DCK 3.0.

NFC (Near Field Communication) only works at very short range, yet older car-key technologies are vulnerable to relay attacks, in which the signal is forwarded over a much longer distance than intended. That is a serious threat: a relay attack unlocks the car while the owner is nowhere near it. The first practical, inexpensive NFC relay tool was described in 2011, and equivalent tools exist for newer NFC technology.

DCK 2.0 is NFC-based; DCK 3.0 adds secure ranging over UWB. UWB was marketed as a secure distance-measurement technology, but its ranging parameters are not beyond attack: cheap attacks that shorten the distance measured by Apple's UWB chip by up to 12 meters have already been demonstrated.

DCK 3.0 uses both BLE and UWB. BLE establishes the connection and performs authentication; UWB then measures the distance precisely, protected by a symmetric key, without carrying data. Both the BLE and the UWB side need access to a secret key. The DCK 3.0 specification, including its BLE and UWB protocols, is available only to members of the Car Connectivity Consortium.

Apple began using hardware components for DCK 3.0 starting with iPhone 11. On iPhones supporting DCK 3.0, the Secure Element (SE) is tightly integrated into the Bluetooth and UWB chips. Like SE-based NFC transactions, SE-generated responses are broadcast directly, without involving iOS. iPhone models with Bluetooth and UWB chips supporting LPM are listed in the table below.

Limitations and Security Concerns with Find My

At the application level the researchers assumed an attacker who does not tamper with the iPhone's firmware or software but instead tries to misuse or defeat LPM features, for instance disabling Find My to steal the iPhone or using Express cards to steal money.

For Find My they found that the phone stops advertising much sooner than expected and in some cases never starts. When the user turns the device off, the system prepares only 96 advertisements, sent at 15-minute intervals, so they are exhausted within 24 hours. This is not explained to users, who may assume a lost iPhone stays findable for days. Find My can also be disabled from the shutdown screen, but since iOS 15.3 that requires entering the passcode, an extra anti-theft measure from Apple.

Until the iPhone is unlocked for the first time after it boots, Find My can only use the keys cached at shutdown, and those cover 24 hours. When the phone is turned off, the advertisements for the next 24 hours are stored on the device; they are cached even if Find My is forcibly disabled at shutdown. On boot the iPhone restores the Find My token from non-volatile memory (NVRAM), where it persists across reboots, and uses it to decrypt the cached advertisements so the Bluetooth daemon can send them before first unlock. After 24 hours the iPhone stops sending regardless of what happened in between: it may have stayed in LPM or rebooted straight away. Because each advertisement is bound to its scheduled transmission slot, the period cannot be extended.

If the iPhone gets an internet connection before first unlock, it contacts Apple's servers and reports its location. But there are several reasons it may stay offline before first unlock: Wi-Fi passwords are only available after first unlock, and cellular connectivity is gone if the SIM is PIN-protected or removed. A thief can therefore be sure that Find My goes silent after 24 hours even on a charged iPhone: remove the SIM and power the phone on out of range of any open Wi-Fi network.

Even when the user interface reports that Find My is active after shutdown, that may not be true: generating the advertisements can fail, and if the Find My setup fails for any reason during shutdown the user gets no warning.

The researchers also noticed another oddity: turn the iPhone off, plug it into a charger, then unplug it, and the phone may boot by itself a couple of hours later. If no cable was attached at shutdown, it does not auto-boot. Users can thus find the battery completely drained even though they never turned the phone on.

Firmware Manipulation Risks

Modern iPhones have LPM support in the NFC, UWB and Bluetooth chips. An attacker does not need to alter the kernel: the existing drivers can enable LPM on these chips, so modifying the chip's firmware is enough. The NFC chip is the only wireless chip in the iPhone whose firmware is both encrypted and signed, and attempts to bypass its secure bootloader have failed. The UWB chip also has secure boot, but its firmware is only signed, not encrypted. Bluetooth firmware is neither encrypted nor signed, and there is no secure boot, so no root certificate anchors a check of its integrity.

An attacker without system-level access could try to take over the device through an LPM-capable chip. Several vulnerabilities have been found in the Bluetooth chips used in iPhones, and similar ones exist in other wireless chips. The attack surface differs per feature, though: the Find My module only transmits over Bluetooth and receives nothing, whereas Express Mode over NFC and DCK 3.0 over Bluetooth and UWB exchange data in both directions.

Even if all firmware were protected against tampering, an attacker with system-level access could still send their own commands to the chips. The Bluetooth daemon configures LPM for Find My at shutdown using vendor-specific HCI commands, which allow fine-grained configuration including the rotation interval and the content of the advertisements. With these commands an attacker could, for example, set every other advertisement's public key to one from their own key sequence, so that those slots match the attacker's account. The attacker can then locate the victim's device through the Find My network, while the victim still sees recent locations for the iPhone in Find My and notices nothing.
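The rolling-key scheme described in the Find My section and the every-other-slot substitution just described, as an added Go example that is not part of the original article, of Apple's code or of the researchers' tooling. It uses only the Go standard library (Go 1.20 or later for crypto/ecdh) and makes assumptions the article does not state: P-256 in place of Apple's curve, HMAC-SHA256 to derive each window's key pair from the master key, and an ephemeral-ECDH plus AES-GCM construction for the finder's report; the master keys and location strings are constructed sample data. It shows why a finder can write a report it cannot read, why only the holder of the master key can open one, and how an attacker who can rewrite the advertisement schedule (as via the vendor HCI commands) receives half the reports while the owner still receives the other half.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/ecdh"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"encoding/binary"
	"fmt"
)

// Assumed for illustration (not Apple's protocol, not the paper's code): P-256 stands in
// for Apple's curve, HMAC-SHA256 derives per-window keys, a report is ephemeral ECDH + AES-GCM.
var curve = ecdh.P256()

type Owner struct{ Master []byte } // beacon master key; in the real system it lives in the iCloud keychain

// windowKey derives window i's key pair deterministically from the master key.
func (o *Owner) windowKey(i uint32) *ecdh.PrivateKey {
	for ctr := uint32(0); ; ctr++ { // retry if the scalar falls outside the curve order
		mac := hmac.New(sha256.New, o.Master)
		binary.Write(mac, binary.BigEndian, [2]uint32{i, ctr})
		if priv, err := curve.NewPrivateKey(mac.Sum(nil)); err == nil {
			return priv
		}
	}
}

// Beacon is what the device advertises in window i: that window's public key.
func (o *Owner) Beacon(i uint32) []byte { return o.windowKey(i).PublicKey().Bytes() }

type Report struct{ EphemeralPub, Nonce, Ciphertext []byte } // what a finder uploads

// reportAEAD: ECDH between priv and the encoded public key, SHA-256 as minimal KDF, AES-GCM.
func reportAEAD(priv *ecdh.PrivateKey, pubBytes []byte) (cipher.AEAD, error) {
	pub, err := curve.NewPublicKey(pubBytes)
	if err != nil {
		return nil, err
	}
	shared, err := priv.ECDH(pub)
	if err != nil {
		return nil, err
	}
	key := sha256.Sum256(shared)
	block, _ := aes.NewCipher(key[:]) // 32-byte key, cannot fail
	return cipher.NewGCM(block)
}

// EncryptReport is the finder's side: whoever sees a beacon can encrypt a location to it, but never read it.
func EncryptReport(beacon []byte, location string) (Report, error) {
	eph, err := curve.GenerateKey(rand.Reader)
	if err != nil {
		return Report{}, err
	}
	aead, err := reportAEAD(eph, beacon)
	if err != nil {
		return Report{}, err
	}
	nonce := make([]byte, aead.NonceSize())
	rand.Read(nonce) // crypto/rand.Read never returns an error since Go 1.24
	ephPub := eph.PublicKey().Bytes()
	return Report{ephPub, nonce, aead.Seal(nil, nonce, []byte(location), ephPub)}, nil
}

// OpenReport is the owner's side: it does not know which window the finder saw, so it
// tries windows 0..maxWindow; only the matching private key passes GCM authentication.
func (o *Owner) OpenReport(r Report, maxWindow uint32) (string, uint32, error) {
	for i := uint32(0); i <= maxWindow; i++ {
		if aead, err := reportAEAD(o.windowKey(i), r.EphemeralPub); err == nil {
			if pt, err := aead.Open(nil, r.Nonce, r.Ciphertext, r.EphemeralPub); err == nil {
				return string(pt), i, nil
			}
		}
	}
	return "", 0, fmt.Errorf("no window key up to %d opens this report", maxWindow)
}

// BuildSchedule returns the beacons for n windows (96 windows of 15 minutes cover the 24 hours
// from the text). With attacker != nil every other slot carries a key from the attacker's sequence.
func BuildSchedule(owner, attacker *Owner, n uint32) [][]byte {
	sched := make([][]byte, n)
	for i := range sched {
		src := owner
		if attacker != nil && i%2 == 1 {
			src = attacker
		}
		sched[i] = src.Beacon(uint32(i))
	}
	return sched
}

func main() {
	owner, attacker := &Owner{[]byte("owner-master-key")}, &Owner{[]byte("attacker-key-sequence")} // constructed
	for i, beacon := range BuildSchedule(owner, attacker, 4) {
		rep, _ := EncryptReport(beacon, "constructed location report")
		_, _, ownerErr := owner.OpenReport(rep, 4)
		_, _, attErr := attacker.OpenReport(rep, 4)
		fmt.Printf("window %d: owner reads %v, attacker reads %v\n", i, ownerErr == nil, attErr == nil)
	}
}
```

Run it with `go run`. A schedule of 96 windows opened with maxWindow 95 corresponds to the 24-hour cache described earlier; a real owner would narrow the window from the report's timestamp rather than trying every key, but the security property is the same: a finder holding only public keys can produce reports and never read them, and whoever controls the key in a slot, owner or attacker, is the only party that can open that slot's reports.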

Conclusion

Because LPM support is built into the iPhone's hardware, it cannot be removed by a system update, so its consequences for the iOS security model are long-term.

LPM features appear to have been designed for practical reasons, without considering threats outside their intended use. Because Find My keeps running after the iPhone is turned off, a device is inherently usable as a tracking tool, and since the Bluetooth firmware is not protected against tampering, an attacker with system-level access can silently alter that tracking behaviour. Support for digital car keys additionally requires UWB data transmission in LPM.

Bluetooth and UWB are now tightly integrated with the Secure Element (SE), where car keys and other secrets are stored. Since the Bluetooth firmware can be modified from iOS, an attacker with system-level access also gains a path to the SE interfaces that the chip uses.

Although LPM adds security and convenience in many scenarios, Apple should consider adding a hardware switch that physically disconnects the device from its battery. That would improve privacy for people with heightened confidentiality and surveillance concerns, such as journalists.
